RE: suggestions for proxy server to run on w2003 box.. :VSMail m x3

From: Jamie Fullerton (Jamie.Fullerton_at_ndbt.com)
Date: 01/10/05

  • Next message: Shaffer, Bruce: "RE: Anti-spyware Beta from Microsoft available" 
    To: focus-ms@securityfocus.com
Date: Mon, 10 Jan 2005 14:29:31 -0600

    Our experience with this group has been more than satisfactory and yes they
    did sign off on any legal disclosures and security policies we have at the
    bank. We have used them for close to two years and see no reason to bring
    this particular part of security back internally.

    But you're right it will vary greatly company to company but that seems to
    be true of anything in this business.

    -----Original Message-----
    From: Strand, John (Mission Systems) [mailto:John.Strand@ngc.com]
    Sent: Friday, January 07, 2005 3:19 PM
    To: Jamie Fullerton
    Cc: focus-ms@securityfocus.com
    Subject: RE: suggestions for proxy server to run on w2003 box.. :VSMail
    mx3

    Oh god no.

    It can be a big (and very expensive) pain in the ass.

    I have been in this situation before at one of the client sites I worked at.
    If there were any changes that needed to be made you had to call the
    company, wait on hold, then describe the change you needed to make to a help
    center then wait for someone to get back to you. Many times the person who
    was making the change was not a security or networking expert and made the
    situation worse. And no, this was not some small fly by night security
    outfit.

    People who offer this type of service often tell you that you will get
    prompt, expert service instantly. And, maybe some providers actually do
    provide prompt, expert service, but I have yet to see or hear about it.

    What is worse is that they may start out great. They are jonny-on-the-spot
    will all your security needs and desires. But companies change...

    Finally, can you completely trust their company? I know they will say you
    can. But can you? Did their employees sign of on your rules of behavior? Is
    their network secure? Remember that you are basically handing off the keys
    to your kingdom to a bunch of unknown individuals.

    If cost is an issue there are great open source resources. In the long run
    it may be cheaper to train someone to manage it internally.

    This is strictly my opinion based on one bad experience and a few stories.
    But, sitting their on hold while my client's network was vulnerable gave me
    allot of time to think.

    john

    -----Original Message-----
    From: Jamie Fullerton [mailto:Jamie.Fullerton@ndbt.com]
    Sent: Friday, January 07, 2005 12:07 PM
    To: focus-ms@securityfocus.com
    Subject: RE: suggestions for proxy server to run on w2003 box.. :VSMail
    mx2

    Good morning,
    Would the possibility of outsourcing your company's firewall be viable?
    Currently our company uses a group called MessageSecure Corporation to
    handle our major firewall and proxy services. They ship us a firewall/proxy
    device (Unix based I believe) to put on site and it generates reports that
    we may monitor. Their group also monitors performance and alert us to any
    suspicious activity via cell phone or email.

    -Jamie

    -----Original Message-----
    From: Murad Talukdar [mailto:talukdar_m@subway.com]
    Sent: Thursday, January 06, 2005 9:22 PM
    To: focus-ms@securityfocus.com
    Subject: suggestions for proxy server to run on w2003 box.. :VSMail mx2

    Hi, I was hoping I could get some suggestions as to what kind of proxy
    server would be best to use to control access (as well as be used as proxy
    server) for sharing a 2Mb connection. We have a LAN with 30-40 users and
    need to control 10-15 of them to the point of only allowing certain sites.

    I was thinking of loading it onto a W2003 box.

    I was thinking ISA but not sure if I can convince bean counters of the
    benefit.

    Thanks

    Kind Regards
    Murad Talukdar

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: Shaffer, Bruce: "RE: Anti-spyware Beta from Microsoft available"

    Relevant Pages

    • RE: Open All Outbound Ports?
      ... out with the introduction of a proxy server and some content filtering. ... by means of a ISA firewall client installed on the WK ... "security procedures" we have in place. ... Subject: Open All Outbound Ports? ...
      (Security-Basics)
    • [REVS] XST Strikes Back
      ... Get your security news from a reliable source. ... support for TRACE in browsers and proxy servers. ... never arrives at the web server (of course, if the first proxy server is ...
      (Securiteam)
    • Re: msdn.com search failure
      ... BTW are you using a proxy server? ... I have alread knocked security and cookie security ... > level components are probably the OS itself. ... >>> is a problem with some shared component browsers use. ...
      (microsoft.public.windows.inetexplorer.ie6.browser)
    • Error number: 0x80244016
      ... We are on a network behind a firewall with a proxy server and are having ... SP2 installs microsofts security center and firewall, ...
      (microsoft.public.windowsupdate)
    • https loads slowly with windows 2000
      ... >freezes up and doesn not load, ... I've tried eliminating spyware, defragged ... >the system and checked the proxy server. ... compromising a section in the Security section of their ...
      (microsoft.public.windows.inetexplorer.ie6.browser)